Tenga data breach exposes customer names and email addresses
Summary
Tenga's data breach exposed about 600 U.S. customers' names, emails, and order details after an employee's email was hacked. The company has notified affected individuals.
Tenga data breach exposes customer information
Sex toy manufacturer Tenga has notified customers of a data breach. The company confirmed the incident to TechCrunch on Friday.
In an email to customers, Tenga stated that an unauthorized party gained access to a single employee's professional email account. This access potentially allowed the hacker to view and steal customer names, email addresses, and historical email correspondence.
What data was compromised
The compromised inbox contained emails that "may include order details or customer service inquiries." Given the nature of Tenga's products, this correspondence likely includes intimate information customers would not want disclosed.
The hacker also used the breached account to send spam emails to the employee's contacts, which included customers. Tenga has stated the breach affected approximately 600 people in the United States.
A company spokesperson said, “We have already proactively contacted those who may have been impacted to ensure their safety and provide guidance.” It is unclear if customers outside the U.S. were affected.
Company response and security lapses
Following the breach, Tenga says it took several security measures. These included resetting the compromised employee’s credentials and enabling multi-factor authentication (MFA) across its systems.
However, the company spokesperson would not confirm whether MFA was enabled on the email account prior to the breach. Enabling MFA is a basic security practice that prevents access to accounts even if a password is stolen.
The company also recommended customers take their own precautions:
- Change your passwords, even though Tenga did not state that customer passwords were compromised.
- Be vigilant of suspicious emails, particularly those appearing to come from the specific employee whose account was breached.
A recurring problem for adult industry companies
Tenga is the latest in a series of adult-oriented companies to suffer a data breach. This trend highlights ongoing security challenges within the sector.
Other notable breaches in recent years include:
- Sex toy maker Lovense, which was hacked last year.
- Adult website Pornhub, which experienced a breach last year.
- Site SexPanther, which was hacked in 2020.
Tenga, founded in 2005 and headquartered in Tokyo, sells a variety of sex toys and says it has shipped over 162 million products worldwide. The company's U.S. division, Tenga Store USA, was the entity that communicated the breach.
Related Articles
MuMu Player Pro for macOS collects system data every 30 minutes
MuMu Player Pro for macOS secretly collects extensive system data every 30 minutes, including network devices, all running processes, installed apps, and kernel parameters, linked to your Mac's serial number. This is not disclosed in its privacy policy.
Discord to require age verification for full feature access
Discord is rolling out mandatory age verification globally starting in March. Unverified accounts will lose access to adult channels, see blurred content, and have restricted messaging. Users can verify via AI prediction, a video selfie, or ID scan. Alternatives like Slack or TeamSpeak exist but have limitations.
Stay in the loop
Get the best AI-curated news delivered to your inbox. No spam, unsubscribe anytime.
